[Whonix-devel] [qubes-devel] Require script to run immed. after /rw mount
Patrick Schleizer
patrick-mailinglists at whonix.org
Tue Apr 18 01:06:00 CEST 2017
Marek Marczykowski-Górecki:
> On Mon, Apr 17, 2017 at 10:02:00PM +0000, Patrick Schleizer wrote:
>>> Alternately, mount-dirs.sh could have
>>> a hook that points to a specific user script in /etc.
>
>> User script sounds a bit limited. What about something a little more
>> flexible?
>
>> Untested pseudo code:
>
>> if [ -d /etc/qubes/mount-dirs-post.d ]; then
>> run-parts /etc/qubes/mount-dirs-post.d
>> fi
>
> IMO this is the way to go. In addition to your VM hardening scripts,
> this could be used also for some /rw initialization, beyond /etc/skel.
> AFAIR there was a need for similar thing to copy Tor Browser there.
>
> As for implementation - do we want it in /etc, /usr/lib, or both (so
> files in /etc could override /usr/lib)?
Yes in both. Actually in all three. I.e. /etc/, /usr/lib and in
/usr/local (/rw) to make it complete.
> But having both means we can't
> use run-parts :(
Why not just use above "Untested pseudo code" three times with the
different dirs? :)
Cheers,
Patrick
More information about the Whonix-devel
mailing list